001: /******************************************************************************
002: * JBoss, a division of Red Hat *
003: * Copyright 2006, Red Hat Middleware, LLC, and individual *
004: * contributors as indicated by the @authors tag. See the *
005: * copyright.txt in the distribution for a full listing of *
006: * individual contributors. *
007: * *
008: * This is free software; you can redistribute it and/or modify it *
009: * under the terms of the GNU Lesser General Public License as *
010: * published by the Free Software Foundation; either version 2.1 of *
011: * the License, or (at your option) any later version. *
012: * *
013: * This software is distributed in the hope that it will be useful, *
014: * but WITHOUT ANY WARRANTY; without even the implied warranty of *
015: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
016: * Lesser General Public License for more details. *
017: * *
018: * You should have received a copy of the GNU Lesser General Public *
019: * License along with this software; if not, write to the Free *
020: * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA *
021: * 02110-1301 USA, or see the FSF site: http://www.fsf.org. *
022: ******************************************************************************/package org.jboss.portal.portlet.impl.security;
023:
024: import EDU.oswego.cs.dl.util.concurrent.ConcurrentReaderHashMap;
025: import org.jboss.portal.portlet.security.PortletPermission;
026: import org.jboss.portal.portlet.security.PortletSecurityService;
027: import org.jboss.portal.security.PortalPermission;
028: import org.jboss.portal.security.PortalPermissionCollection;
029: import org.jboss.portal.security.PortalSecurityException;
030: import org.jboss.portal.security.RoleSecurityBinding;
031: import org.jboss.portal.security.SecurityConstants;
032: import org.jboss.portal.security.impl.JBossAuthorizationDomainRegistry;
033: import org.jboss.portal.security.spi.auth.PortalAuthorizationManagerFactory;
034: import org.jboss.portal.security.spi.provider.AuthorizationDomain;
035: import org.jboss.portal.security.spi.provider.DomainConfigurator;
036: import org.jboss.portal.security.spi.provider.PermissionFactory;
037: import org.jboss.portal.security.spi.provider.PermissionRepository;
038: import org.jboss.portal.security.spi.provider.SecurityConfigurationException;
039:
040: import java.util.Collection;
041: import java.util.Iterator;
042: import java.util.Set;
043:
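/**
 * Service that configures security for portlets.
 *
 * <p>A single instance fills every role of the portlet authorization domain: it is the
 * {@link AuthorizationDomain} and hands itself out as that domain's {@link DomainConfigurator},
 * {@link PermissionRepository} and {@link PermissionFactory}. Security bindings are kept in an
 * in-memory map keyed by URI, which exists only between {@link #create()} and {@link #destroy()}.
 *
 * <p>Points to keep in mind when changing or calling this class:
 * <ul>
 * <li>Binding sets are stored and returned by reference (see {@link #setSecurityBindings} and
 * {@link #getSecurityBindings}); nothing here copies or wraps them.</li>
 * <li>{@link #getPermission} answers from the first applicable binding only and returns
 * {@code null} when none applies.</li>
 * </ul>
 *
 * @author <a href="mailto:Anil.Saldhana@jboss.org">Anil Saldhana</a>
 * @version $Revision: 8784 $
 * @since Mar 17, 2006
 */
public class JBossPortletSecurityService implements
        PortletSecurityService, AuthorizationDomain,
        DomainConfigurator, PermissionRepository, PermissionFactory {

    /**
     * Security bindings keyed by URI; each value is the {@link Set} handed to
     * {@link #setSecurityBindings}. Allocated in {@link #create()}, set to {@code null} in
     * {@link #destroy()}, so every accessor below throws NullPointerException outside that window.
     */
    protected ConcurrentReaderHashMap securityConstraintsMap;

    /** Injected factory; this class only stores it and returns it from the getter. */
    protected PortalAuthorizationManagerFactory portalAuthorizationManagerFactory;

    /** Injected registry this domain adds itself to in {@link #start()} and leaves in {@link #stop()}. */
    protected JBossAuthorizationDomainRegistry authorizationDomainRegistry;

    /**
     * @return this service, which is its own authorization domain
     */
    public AuthorizationDomain getAuthorizationDomain() {
        return this;
    }

    //*************************************************************
    // AuthorizationDomain Interface Methods
    //*************************************************************

    /**
     * @return the permission type of this domain, {@code PortletPermission.PERMISSION_TYPE}
     */
    public String getType() {
        return PortletPermission.PERMISSION_TYPE;
    }

    /**
     * @return this service, acting as the domain configurator
     */
    public DomainConfigurator getConfigurator() {
        return this;
    }

    /**
     * @return this service, acting as the permission repository
     */
    public PermissionRepository getPermissionRepository() {
        return this;
    }

    /**
     * @return this service, acting as the permission factory
     */
    public PermissionFactory getPermissionFactory() {
        return this;
    }

    /**
     * Looks up the bindings registered for a URI.
     *
     * <p>The returned object is the stored {@link Set} itself, not a copy: a caller that mutates
     * it changes what {@link #getPermission} evaluates without going through
     * {@link #setSecurityBindings} or {@link #removeSecurityBindings}.
     * NOTE(review): whether any caller relies on that is not visible from this class; if none
     * does, returning an unmodifiable view would close the side door.
     *
     * @param uri the URI the bindings were registered under
     * @return the registered set, or {@code null} when nothing is registered for {@code uri}
     */
    public Set getSecurityBindings(String uri) {
        return (Set) securityConstraintsMap.get(uri);
    }

    /**
     * Registers the bindings for a URI, replacing any previous entry.
     *
     * <p>The set is stored as given, so the caller keeps a live reference to the registered
     * authorization data. Elements are expected to be {@link RoleSecurityBinding} instances;
     * that is not checked here and only surfaces as a ClassCastException in
     * {@link #getPermission}.
     * NOTE(review): ConcurrentReaderHashMap is understood to reject null keys and values, so
     * bindings are cleared with {@link #removeSecurityBindings}, not by passing null - confirm.
     *
     * @param uri the URI to bind
     * @param securityBindings the bindings to register for {@code uri}
     * @throws SecurityConfigurationException declared by the interface; not thrown by this code
     */
    public void setSecurityBindings(String uri, Set securityBindings)
            throws SecurityConfigurationException {
        this.securityConstraintsMap.put(uri, securityBindings);
    }

    /**
     * Drops whatever bindings are registered for a URI.
     *
     * @param uri the URI whose bindings are removed
     * @throws SecurityConfigurationException declared by the interface; not thrown by this code
     */
    public void removeSecurityBindings(String uri)
            throws SecurityConfigurationException {
        this.securityConstraintsMap.remove(uri);
    }

    /**
     * Builds the permission a role holds on a URI from the registered bindings.
     *
     * <p>The bindings for {@code uri} are scanned in the set's iteration order and the first one
     * whose role name equals {@code roleName}, or equals
     * {@code SecurityConstants.UNCHECKED_ROLE_NAME}, supplies the actions. Later bindings are not
     * consulted, so when a role-specific binding and an unchecked binding both exist for the same
     * URI the result depends on iteration order, which a plain {@link Set} does not define.
     * NOTE(review): confirm that overlapping bindings are never registered, or decide which one
     * should win.
     *
     * <p>A binding that reports a {@code null} role name is skipped rather than aborting the
     * lookup with a NullPointerException; a {@code null} {@code roleName} can therefore only be
     * answered by an unchecked binding.
     *
     * @param roleName the role being checked
     * @param uri the URI being checked
     * @return the permission built from the first applicable binding, or {@code null} when no
     *         bindings are registered for {@code uri} or none applies (presumably to be treated
     *         as "no permission" by the caller - verify against callers)
     * @throws PortalSecurityException if the permission cannot be created
     */
    public PortalPermission getPermission(String roleName, String uri)
            throws PortalSecurityException {
        Set bindings = getSecurityBindings(uri);
        if (bindings == null) {
            return null;
        }
        // The Set implementation is supplied by the caller of setSecurityBindings; iterating it
        // here is only safe against concurrent mutation if that implementation is.
        for (Iterator i = bindings.iterator(); i.hasNext();) {
            RoleSecurityBinding binding = (RoleSecurityBinding) i.next();
            String bindingRole = binding.getRoleName();
            boolean unchecked = SecurityConstants.UNCHECKED_ROLE_NAME.equals(bindingRole);
            // Explicit null check: never match on a missing role name, never throw on one either.
            boolean sameRole = bindingRole != null && bindingRole.equals(roleName);
            if (sameRole || unchecked) {
                return createPermission(uri, binding.getActions());
            }
        }
        return null;
    }

    /**
     * Wraps a permission collection in a {@link PortletPermission} container.
     *
     * @param collection the collection to wrap
     * @return a new {@link PortletPermission} built from {@code collection}
     * @throws PortalSecurityException declared by the interface
     */
    public PortalPermission createPermissionContainer(
            PortalPermissionCollection collection)
            throws PortalSecurityException {
        return new PortletPermission(collection);
    }

    /**
     * Creates a portlet permission for one action.
     *
     * @param uri the URI the permission applies to
     * @param action the action string passed to the {@link PortletPermission} constructor
     * @return a new {@link PortletPermission}
     * @throws PortalSecurityException declared by the interface
     */
    public PortalPermission createPermission(String uri, String action)
            throws PortalSecurityException {
        return new PortletPermission(uri, action);
    }

    /**
     * Creates a portlet permission for a collection of actions.
     *
     * @param uri the URI the permission applies to
     * @param actions the actions passed to the {@link PortletPermission} constructor
     * @return a new {@link PortletPermission}
     * @throws PortalSecurityException declared by the interface
     */
    public PortalPermission createPermission(String uri,
            Collection actions) throws PortalSecurityException {
        return new PortletPermission(uri, actions);
    }

    /**
     * Lifecycle: allocates an empty binding map. Calling it again discards every binding
     * registered so far.
     */
    public void create() throws Exception {
        this.securityConstraintsMap = new ConcurrentReaderHashMap();
    }

    /**
     * Lifecycle: registers this service as an authorization domain. The registry must have been
     * injected through {@link #setAuthorizationDomainRegistry} beforehand.
     */
    public void start() throws Exception {
        // Add ourself as the authorization domain
        authorizationDomainRegistry.addDomain(this);
    }

    /**
     * Lifecycle: removes this service from the authorization domain registry.
     */
    public void stop() throws Exception {
        authorizationDomainRegistry.removeDomain(this);
    }

    /**
     * Lifecycle: releases the binding map. Binding accessors throw NullPointerException until
     * {@link #create()} runs again.
     */
    public void destroy() {
        securityConstraintsMap = null;
    }

    /**
     * @return the injected authorization domain registry, or {@code null} if none was set
     */
    public JBossAuthorizationDomainRegistry getAuthorizationDomainRegistry() {
        return authorizationDomainRegistry;
    }

    /**
     * @param authorizationDomainRegistry the registry used by {@link #start()} and {@link #stop()}
     */
    public void setAuthorizationDomainRegistry(
            JBossAuthorizationDomainRegistry authorizationDomainRegistry) {
        this.authorizationDomainRegistry = authorizationDomainRegistry;
    }

    /**
     * @return the injected authorization manager factory, or {@code null} if none was set
     */
    public PortalAuthorizationManagerFactory getPortalAuthorizationManagerFactory() {
        return portalAuthorizationManagerFactory;
    }

    /**
     * @param portalAuthorizationManagerFactory the factory to store
     */
    public void setPortalAuthorizationManagerFactory(
            PortalAuthorizationManagerFactory portalAuthorizationManagerFactory) {
        this.portalAuthorizationManagerFactory = portalAuthorizationManagerFactory;
    }
}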